HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jamietanna

no profile record

Submissions

Composer's Dependency Policies

nesbitt.io
3 points·by jamietanna·w zeszłym miesiącu·0 comments

Chaoss Metrics in 2026

nesbitt.io
1 points·by jamietanna·2 miesiące temu·0 comments

I hate the recent open-source rise

jvt.me
16 points·by jamietanna·2 miesiące temu·27 comments

A GitHub for Maintainers

nesbitt.io
2 points·by jamietanna·2 miesiące temu·0 comments

Package managers need to cool down

nesbitt.io
5 points·by jamietanna·4 miesiące temu·1 comments

How and why I attribute LLM-derived code

jvt.me
2 points·by jamietanna·5 miesięcy temu·0 comments

[untitled]

1 points·by jamietanna·6 miesięcy temu·0 comments

Quit social media by posting more

posseparty.com
3 points·by jamietanna·7 miesięcy temu·0 comments

Documentation done right: A developer's guide

github.blog
4 points·by jamietanna·8 miesięcy temu·0 comments

Worries about Open Source in the age of LLMs

jvt.me
5 points·by jamietanna·8 miesięcy temu·0 comments

Building a more secure NPM ecosystem with Mend Renovate

mend.io
1 points·by jamietanna·8 miesięcy temu·0 comments

Renovate 42 Is Coming

github.com
2 points·by jamietanna·8 miesięcy temu·0 comments

comments

jamietanna
·w zeszłym miesiącu·discuss
That was a few days ago: https://news.ycombinator.com/item?id=48313577
jamietanna
·2 miesiące temu·discuss
*11.x
jamietanna
·2 miesiące temu·discuss
I personally prefer Free Software (FSF-approved) or Open Source (OSI-approved) licenses, but I also agree that there is a place for other licenses. It's better that there's space for kinda-open, rather than it being open vs completely closed repositories.

I've previously worked at a company using an "open source" license (Elastic, with the ELv2) and have enjoyed having to explain the difference to folks between what it meant to be "open source" vs "Open Source", and the fact that a lot of folks generally don't understand the difference and some of the nuance. Mentioning the BuSL was because it's something a lot more folks may be aware of, i.e. given Hashicorp's recent relicense (as with other companies in recent years)

Sustainability is hard, and having different ways to describe this is good! But it's a lot harder when people don't understand why something calling itself "open source" when it's "but you can't run it if you're a company" is bad
jamietanna
·2 miesiące temu·discuss
I must say, I'm honoured this commenter is so angry about this post, they've read through many of my blog posts, and gone through microsites like my Manual of Me[0], to pull this quote to attempt to criticise me

[0]: https://manual.jvt.me/
jamietanna
·2 miesiące temu·discuss
Hah, yes very true!

If you've not read up on the background between the two - I'd very much recommend it (and sorry if I'm re-explaining something you understand)

With Free Software, it's "free as in freedom", not "free as in gratis". Free Software is generally a bit more strongly biased towards the users of a piece of software, but as businesses started to use it they were a bit unhappy with that, so Open Source came to reduce that a little bit, making it easier for companies to use it, without as many strong protections for a user

See also [1]

[0]: https://www.gnu.org/philosophy/free-sw.en.html [1]: https://www.gnu.org/philosophy/open-source-misses-the-point....
jamietanna
·2 miesiące temu·discuss
I think using `open source`, and clarifying that it includes non-OSI-approved licenses could work.

Alternatively, "source available" is a term that's been used to imply the source is there, but it's not "open source" (which led to the Fair Source folks working on their own naming for it, so as some folks have negative views of "source available")
jamietanna
·2 miesiące temu·discuss
Nice! I've been doing similar, but prefer using Co-authored-by, especially as it allows for cases where there may be multiple models in play
jamietanna
·2 miesiące temu·discuss
As I've written elsewhere in the thread, having worked at a large Enterprise in collaboration with Legal, if there isn't tracking of what AI contributions you have, it's harder to be protected legally by ie Microsoft's indemnity clause if you're sued
jamietanna
·2 miesiące temu·discuss
Agreed they could be clearer on this

IMO (and I am biased because I have written about this before in https://news.ycombinator.com/item?id=47164481) but I believe it's to make sure they're legally covering their users, and making sure users of AI tools do at least have some attribution for AI-derived contributions
jamietanna
·2 miesiące temu·discuss
Was wondering why a few of my sites aren't CSSing, as they use https://classless.de
jamietanna
·2 miesiące temu·discuss
Both Renovate and Dependabot will raise PRs for a security fix, regardless of minimumReleaseAge/cooldown config
jamietanna
·2 miesiące temu·discuss
Ooh thanks!
jamietanna
·2 miesiące temu·discuss
Was wondering if there was a list of known opt outs as we are looking at a default opt out in Renovate[0] - we'll also look to set `DO_NOT_TRACK`

[0]: https://github.com/renovatebot/renovate/discussions/42932
jamietanna
·2 miesiące temu·discuss
Glad to hear you're enjoying Renovate - I'm biased, but I agree that the SHA pinning PR updates are a very nice feature

We recently found (in Renovate) some edge cases with how tags work in GitHub Actions which was fun (https://news.ycombinator.com/item?id=47892740) and there's a few things in there Dependabot doesn't seem to support too
jamietanna
·3 miesiące temu·discuss
And GitLab, too!
jamietanna
·3 miesiące temu·discuss
https://news.ycombinator.com/item?id=47853799 for the curious
jamietanna
·3 miesiące temu·discuss
> The Wayback Machine has not archived that URL.

Might have been taken down?
jamietanna
·3 miesiące temu·discuss
Very much looking forward to getting this on Renovate - we require squash-merge via Merge Queue (with no per-PR override available in GitHub, despite asking) and so when I've got multiple changes, it's a lot of wrangling and rebasing

If this works as smoothly as it sounds, that'll significantly reduce the overhead!
jamietanna
·3 miesiące temu·discuss
Eh, there are some very good reasons[0] that you would do better to track your usage of LLM derived code (primarily for legal reasons)

[0]: https://www.jvt.me/posts/2026/02/25/llm-attribute/
jamietanna
·3 miesiące temu·discuss
Yep, we had to do this recently with Renovate, where we had too many releases, and new publishing hit a size limit on the registry, so we needed support to help us unpublish a load of old releases